Windows CA issued certificate

This is a short step-by-step on how to import or generate a key on a YubiKey,
create a certificate request, submit that request to a Windows CA and then load
the certificate on the YubiKey. As an alternative, it also instructs you how to
import a private key and certificate from a .pfx file for use on a YubiKey.

For it to be useful in windows a chuid must be set as well:
(only if that wasn’t done earlier)
(--key[=STRING] is needed if the management key value is no longer the default value)

yubico-piv-tool -a set-chuid --key[=STRING]

Import a key and certificate from a .pfx file

Both the key and certificate can be imported with a single command (for slot 9a):
When prompted, enter the password for the .pfx file.
(--key[=STRING] is needed if the management key value is no longer the default value)